| ▲ | grandinj 6 days ago | |||||||
That is a pity. Clearly we need some kind of | ||||||||
| ▲ | jve 6 days ago | parent | next [-] | |||||||
And can we have bounties for fixing know CVEs in that abandoned code? Abandoned Code home should only allow security changes and if someone wants to revive the project, bump the major version and get out of abandoned code home. That is to prevent abuse by introducing new CVEs into software. While the abandoned code home hosts that piece of software for as long as some corporation wants to keep it alive with low investment. Found CVE in abandoned code and fixed yourself? Good for you, still eligible for bounty. | ||||||||
| ▲ | kstrauser 6 days ago | parent | prev | next [-] | |||||||
Isn’t that the Apache Foundation? I kid. Mostly. | ||||||||
| ||||||||
| ▲ | em-bee 6 days ago | parent | prev | next [-] | |||||||
there exist at least one or two of those. i can't think of the name unfortunately. i believe it has been discussed on hackernews too. https://www.commonhaus.org/ seems to be something similar, but that's not what i was thinking of. the one i remember focused on projects that their maintainers wanted to give up right away. | ||||||||
| ▲ | arp242 6 days ago | parent | prev [-] | |||||||
If no one cares enough to do some basic maintenance then maybe it should die? | ||||||||